ECE4112 Smart Card Security

Nicholas Dorsey
Steven Hurst
April 28 2005
Smart Cards and Networks
• What do smart cards have to do with networks?
• Does small = secure?
• The focus of our presentation is on the TI TMS370 smart card that was previously used in a pay TV system.
History of Hacking Smart Cards
• Since inception, all US pay TV smart cards have been hacked.
• In the early 1990s smart cards made their way into pay TV systems, only to be hacked months later.
• Each generation of smart card has had increased security features.
• With each enhancement to security, more robust hacks have been developed.
• Early hacks made use of "write-holes".
• More modern hacks make use of buffer overflow style attacks.
Methods of Attacking Smart Cards
• Microprobing
  - Physically attack the microprocessor to facilitate a dump of its contents
  - Expensive
  - Requires skill and expensive equipment
  - Destructive
• Glitching
  - Use a device to manipulate the clock speed and voltage to dump the contents of the card
  - Devices are cheap (around $50)
  - May be destructive, and very time consuming
• Buy trade secrets from developers of the technology
Glitching Attacks
• Clock bursts
  - Momentary, rapid increase in clock frequency
  - Causes instructions to be skipped, because the execution routine does not have enough time to finish before the next clock cycle occurs
• Voltage glitch
  - Momentary drop in voltage from about 4.5V to 0.5V
  - Causes instructions to be decoded incorrectly
• These attacks can occur at the same time
Devices Used to Attack Smart Cards
• Called by several names (unloopers, glitchers, card readers)
• Originally developed to repair corrupted EPROMs
• In the early 1990s Directv® sent an update to all the smart cards. This caused most hacked cards to enter an infinite loop on startup.
• The intention was to end smart card hacking for good by destroying the cards used by hackers.
• The result was a hacking revolution.
• Two foreign groups emerged with devices to repair the cards, called unloopers: Fast Eddie (Dean Love) and VoN (Chris Tarnovsky).
Devices (contd.)
• The loop was similar to the following:
  Code:
    8000: jump $8005
    ....
    8005: jump $8000
    ..... more code
  The unloopers applied a glitch at address 8005, causing the jump instruction to be skipped or interpreted as a NOP.
Devices
• The sale of these devices would fund satellite hacking for the next decade.
• As time went on the devices became more precise, and eventually became stand-alone devices.
• Today most glitchers use an Atmel AT90S2313 AVR to control the clock and voltage glitches.
• The newest generation of smart cards is not (directly) susceptible to clock and voltage glitches.
How to Go from Access to a Hack
• Dump the card
• Disassemble ROM and EPROM routines
• Find code in EPROM that can be modified to give access to what you want
• If it is a pay TV hack, prevent hashing
Pay TV Hacks
• Two types
• Activation
  - cloning your neighbor's card to watch TV for free
• 3Ms
  - one for all and all for one
  - modify code in the EPROM to enable all channels
What is Hashing?
• Some smart cards have routines that execute programs (hashes) from the data stream.
• Hashes calculate a checksum of the EPROM and use this checksum as part of video decryption.
• New video packets are sent about every 8 sec.
• If the correct signature is not calculated, then the video cannot be decrypted.
• Anyone have any idea how to defeat a hash?
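The following is an added illustration, not code from the slides or from any pay TV system, of why tying the EPROM checksum into video decryption detects a modified card: the head end derives each packet key from the checksum of the genuine EPROM, the card derives it from the checksum of its own EPROM, and a card whose EPROM code was patched ends up with the wrong key. The checksum function, the HMAC-based key derivation, the toy XOR keystream cipher, the EPROM image and the master secret are all constructed assumptions for this example.

```python
# Added illustration (not from the slides): binding the EPROM checksum to
# video decryption.  Checksum, key derivation, cipher and sample data are
# all assumptions made for this example, not a real card's routines.
import hashlib
import hmac

# Constructed sample EPROM image: 1 KiB of arbitrary bytes, not a card dump.
ORIGINAL_EPROM = bytes(range(256)) * 4

# Constructed master secret shared between the head end and genuine cards.
MASTER_SECRET = b"constructed-demo-secret"


def patched_copy(image: bytes, offset: int, value: int) -> bytes:
    """Return a copy of the image with one byte changed (a constructed stand-in
    for an EPROM code patch)."""
    buf = bytearray(image)
    buf[offset] = value
    return bytes(buf)


def eprom_checksum(image: bytes) -> int:
    """Assumed 16-bit additive checksum over the whole EPROM."""
    return sum(image) & 0xFFFF


def derive_packet_key(master_secret: bytes, checksum: int, packet_id: int) -> bytes:
    """Assumed key derivation: mix the EPROM checksum and the packet id into
    an HMAC so that a different checksum yields an unrelated key."""
    msg = checksum.to_bytes(2, "big") + packet_id.to_bytes(4, "big")
    return hmac.new(master_secret, msg, hashlib.sha256).digest()


def xor_keystream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR the data with SHA-256 counter-mode blocks.
    Encryption and decryption are the same operation."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def head_end_encrypt(master_secret: bytes, packet_id: int, plaintext: bytes) -> bytes:
    """The head end knows the checksum of the genuine EPROM and keys each
    video packet with it."""
    key = derive_packet_key(master_secret, eprom_checksum(ORIGINAL_EPROM), packet_id)
    return xor_keystream(key, plaintext)


def card_decrypt(master_secret: bytes, card_eprom: bytes, packet_id: int, ciphertext: bytes) -> bytes:
    """The card hashes its own EPROM and uses the result in key derivation."""
    key = derive_packet_key(master_secret, eprom_checksum(card_eprom), packet_id)
    return xor_keystream(key, ciphertext)


def demo() -> tuple:
    """Return (genuine card decrypts correctly, patched card decrypts correctly)."""
    packet_id = 42
    video = b"constructed video payload"          # constructed packet contents
    ct = head_end_encrypt(MASTER_SECRET, packet_id, video)
    genuine = card_decrypt(MASTER_SECRET, ORIGINAL_EPROM, packet_id, ct)
    patched = patched_copy(ORIGINAL_EPROM, 0x10, 0xFF)
    modified = card_decrypt(MASTER_SECRET, patched, packet_id, ct)
    return genuine == video, modified == video


if __name__ == "__main__":
    ok, tampered_ok = demo()
    print("genuine card decrypts video:", ok)      # True
    print("patched card decrypts video:", tampered_ok)  # False
```

The integrity check here only has teeth because the checksum feeds the key rather than a simple pass/fail branch: there is no single comparison to bypass, the card must actually produce the right value. A fixed additive checksum is still a weak function, which is consistent with the slide's point that the hash programs arrive in the data stream rather than sitting unchanged in ROM.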
What You Will Do in Lab
• Use a smart card programmer to passively get data from a smart card
• Use glitching features to forcefully gain access to EPROM data
• Use glitching features to repair corrupted EPROM data
• Explore different utilities that do the above tasks (XtremeHU and WinExplorer)
News Flash
Has the latest security card in use by Directv® been hacked?
References
• www.interesting-devices.com
• Excellent source for history and ongoing advances in smart card technology.